[FFmpeg-devel] [PATCH] avcodec/utils: fix check for invalid timebase when decoding subtitles

Hendrik Leppkes h.leppkes at gmail.com
Mon Dec 28 10:25:14 CET 2015


On Sun, Dec 27, 2015 at 9:29 PM, Andreas Cadhalpun
<andreas.cadhalpun at googlemail.com> wrote:
> On 27.12.2015 21:13, Hendrik Leppkes wrote:
>> On Sun, Dec 27, 2015 at 9:03 PM, Andreas Cadhalpun
>> <andreas.cadhalpun at googlemail.com> wrote:
>>> On 27.12.2015 20:43, Hendrik Leppkes wrote:
>>>> On Sun, Dec 27, 2015 at 8:29 PM, Andreas Cadhalpun
>>>> <andreas.cadhalpun at googlemail.com> wrote:
>>>>> On 27.12.2015 20:10, Hendrik Leppkes wrote:
>>>>>> Invalid timebases have a zero numerator, not denominator.
>>>>>
>>>>> A timebase with zero numerator is probably invalid, but a timebase
>>>>> with zero denominator is not even well defined.
>>>>> So this comment doesn't seem quite right.
>>>>>
>>>>>> Fixes a integer divison by zero.
>>>>>> ---
>>>>>>  libavcodec/utils.c | 2 +-
>>>>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>>
>>>>>> diff --git a/libavcodec/utils.c b/libavcodec/utils.c
>>>>>> index 19f3f0a..33295ed 100644
>>>>>> --- a/libavcodec/utils.c
>>>>>> +++ b/libavcodec/utils.c
>>>>>> @@ -2435,7 +2435,7 @@ int avcodec_decode_subtitle2(AVCodecContext *avctx, AVSubtitle *sub,
>>>>>>          } else {
>>>>>>              avctx->internal->pkt = &pkt_recoded;
>>>>>>
>>>>>> -            if (avctx->pkt_timebase.den && avpkt->pts != AV_NOPTS_VALUE)
>>>>>> +            if (avctx->pkt_timebase.num && avpkt->pts != AV_NOPTS_VALUE)
>>>>>>                  sub->pts = av_rescale_q(avpkt->pts,
>>>>>>                                          avctx->pkt_timebase, AV_TIME_BASE_Q);
>>>>>>              ret = avctx->codec->decode(avctx, sub, got_sub_ptr, &pkt_recoded);
>>>>>>
>>>>>
>>>>> If avctx->pkt_timebase.den is 0, calling av_rescale_q here will trigger the
>>>>> av_assert2(c > 0) in av_rescale_rnd, so removing this check isn't good.
>>>>>
>>>>> Why not check for both num and den?
>>>>>
>>>>
>>>> We never check both, invalid timebase is {0, 1}, anything else needs
>>>> to have values in both.
>>>
>>> I'd call this unknown timebase, as {0, 1} is the initialization value.
>>> A {1, 0} timebase is certainly not valid.
>>>
>>>> All timebase checks are for num only.
>>>
>>> The check here was for den and there is a similar check in teletext_decode_frame.
>>
>> And thats a bug since that can actually lead to div by 0 and crash.
>
> Then please fix this bug also in teletext_decode_frame.
>

Pushed with the second fix added and slightly reworded message.

- Hendrik


More information about the ffmpeg-devel mailing list